Collecting Bitdefender Gravityzone Logs

Hi all, I had been assigned the task of collecting Gravityzone Bitdefender logs following their Documentation for Splunk as a guideline. Has anyone been able to successfully do this? And would you kindly help out.

Wed 9:13pm

using curl and the setPushEventSettings {"url": "https://<>:8071?token=<>
I get varying errors
{"id":null,"jsonrpc":"2.0","error":{"code":-32600,"message":"Invalid Request","data":{"details":"Invalid content type. Required: application/json"}}}
curl: (3) Illegal port number
curl: (3) Illegal port number
curl: (3) [globbing] nested brace in column 12

our server is a * Debian
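Added example, not code from the thread or from Bitdefender: it builds the setPushEventSettings JSON-RPC 2.0 request with the Content-Type header the error above asks for, and rejects a push URL that still contains unexpanded <> placeholders or a non-numeric port (the cause of curl's "Illegal port number"). The endpoint path, the Basic-auth scheme, and the parameter names are assumptions and must be checked against the Bitdefender documentation linked later in the thread.

```python
import base64
import json
import urllib.request
from urllib.parse import urlsplit

# Assumption: endpoint placeholder, take the real one from Bitdefender's docs.
GZ_PUSH_ENDPOINT = "https://<gravityzone-api-host>/api/v1.0/jsonrpc/push"


def is_valid_push_url(url: str) -> bool:
    """True only for an https URL with a real host and a numeric port,
    i.e. without the <> placeholders that broke the curl attempt."""
    if "<" in url or ">" in url or "{" in url or "}" in url:
        return False
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        return False
    try:
        return parts.port is not None  # .port raises on a non-numeric port
    except ValueError:
        return False


def build_push_settings_request(api_key: str, push_url: str, token: str) -> dict:
    """Return headers and body for setPushEventSettings (param names assumed)."""
    if not is_valid_push_url(push_url):
        raise ValueError("push URL still contains placeholders or a bad port")
    body = {
        "id": 1,
        "jsonrpc": "2.0",
        "method": "setPushEventSettings",
        "params": {
            "status": 1,
            "serviceType": "jsonRPC",
            "serviceSettings": {
                "url": f"{push_url}?token={token}",  # token as query param, as in the thread
                "requireValidSslCertificate": True,  # keep TLS validation on
            },
        },
    }
    # Assumption: API key sent as Basic-auth username with an empty password.
    cred = base64.b64encode(f"{api_key}:".encode()).decode()
    headers = {"Content-Type": "application/json", "Authorization": f"Basic {cred}"}
    return {"headers": headers, "body": body}


def send(req: dict, endpoint: str = GZ_PUSH_ENDPOINT) -> dict:
    """POST the request; braces live in the JSON body, so curl globbing is moot."""
    data = json.dumps(req["body"]).encode()
    r = urllib.request.Request(endpoint, data=data, headers=req["headers"])
    with urllib.request.urlopen(r) as resp:
        return json.load(resp)
```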

Hello

For us to help you further we need to know more about your environment. It's unfortunate that the information you have provided is not enough. If you could have a look here, this may give you more of an idea what we're looking for.

I personally have not worked with Gravityzone Bitdefender logs, but if it does create a log file then it's possible to extract it and then ship it.

By chance you have a link for this?

Yes
https://www.bitdefender.com/support/how-to-integrate-gravityzone-cloud-platform-with-splunk-2152.html

Hello,

Sorry, I haven't worked with this software but I did a little research. It seems that Splunk is a software platform for data collection, indexing, searching, and visualization. :thinking: Sound familiar?

But it does have something called “The universal forwarder” Maybe check that out.
I'm assuming from the documentation this is some type of plugin/app for Splunk on your Gravityzone server, so I'm not sure if that would work.

That was for Splunk. On Gravityzone we first enable the Event Push Service API and generate API keys, which will be used during the log collection through CEF or JSON-RPC.

Correct me if I'm wrong. You're integrating GravityZone Cloud Platform with Splunk and then sending logs to Graylog?

I'm trying to send them directly.

I see now. I take it you have tried other log shippers like Nxlog-ce, Beats and Graylog Sidecar and they didn't work?

Couldn't. It's cloud-based and the only way to push is through JSON-RPC.

Hi @tonton,
maybe this could be your solution:

